Take back your log-in: It’s time to move away from Facebook Connect and toward OpenID

As for me, when I submit comments on any publication’s website, I look for Disqus (which I have registered with using my OpenID) or straight out OpenID. Totally worth it when they want authentication and identification. It also helps tie my ID back to my WordPress blog. So it has a second knock-on effect if people want to find out more about my other writings. OpenID works and it works well, and failing that Disqus works equally well for me. No need to reinvent any wheels when it comes to logins, authentications, etc.

If you are creating a new website or mobile app, one of the things you need to worry about most is user login.

User login is thorny. Make it too hard, and users won’t sign up. Make it too easy, and you put users’ passwords at greater risk of being hacked.

Moving all that pain to [company]Facebook[/company] might seem like an attractive option. Facebook has been pushing its Facebook Connect service as a way you can outsource the login capability to Facebook. You let Facebook handle the databases, the passwords, and so on, and you just do some simple code to link to Facebook. And there are already more than 1 billion Facebook users, so it’s likely your users already have a log-in. What’s not to Like (bad pun intended)? What’s not to like?

Well, most web properties have two important success criteria and measures: how many new users sign on every month, and how often they come back. Once you’ve used Facebook Connect, guess…